Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/49p9Xb_bxss1sbnvL85J9LCeOIk.roa
File: 49p9Xb_bxss1sbnvL85J9LCeOIk.roa (raw, json)
Hash identifier: BqIQH89klIBrjZOiNH1fWGIPCqg3PtchZ8LercDObRI=
Subject key identifier: E3:DA:7D:5D:BF:DB:C6:CB:35:B1:B9:EF:2F:CE:49:F4:B0:9E:38:89
Certificate issuer: /CN=0d8cbee51990f1e05a9d1dc0c2f2f3a8a3470c13
Certificate serial: 018CC26D4A881354D3E50B69E08C5B2B831E
Authority key identifier: 0D:8C:BE:E5:19:90:F1:E0:5A:9D:1D:C0:C2:F2:F3:A8:A3:47:0C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYy-5RmQ8eBanR3AwvLzqKNHDBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/49p9Xb_bxss1sbnvL85J9LCeOIk.roa
Signing time: Mon 01 Jan 2024 00:29:51 +0000
ROA not before: Mon 01 Jan 2024 00:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47279
IP address blocks: 185.97.179.0/24 maxlen: 24
157.97.72.0/24 maxlen: 24
2a03:4340::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/DYy-5RmQ8eBanR3AwvLzqKNHDBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/DYy-5RmQ8eBanR3AwvLzqKNHDBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/DYy-5RmQ8eBanR3AwvLzqKNHDBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 22:03:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4a:88:13:54:d3:e5:0b:69:e0:8c:5b:2b:83:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d8cbee51990f1e05a9d1dc0c2f2f3a8a3470c13
Validity
Not Before: Jan 1 00:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3da7d5dbfdbc6cb35b1b9ef2fce49f4b09e3889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:84:5c:22:d7:00:10:de:ac:29:e9:c8:19:19:
1e:cf:ce:3d:d5:9b:19:ed:0a:09:dc:28:11:cb:c0:
36:85:86:17:42:ae:bb:e7:50:dd:8e:2c:3c:d1:f1:
69:a2:3c:97:f4:dd:cb:30:53:83:3f:96:a8:97:99:
1e:f8:d1:69:ef:ca:af:40:0a:33:71:50:79:43:ea:
39:2a:5e:43:98:5d:ae:9b:12:62:03:83:65:00:0d:
69:b9:ca:89:79:61:47:c2:54:0e:cc:8c:38:b9:26:
42:5d:f9:ce:1e:89:bb:ba:63:1a:e8:80:1e:12:ad:
c4:cc:71:e6:98:a1:e4:2f:40:2c:a4:86:4b:7b:b4:
f5:ae:54:a4:1e:55:b4:7f:a2:68:55:12:42:4a:20:
d9:8e:7b:5d:14:fe:5d:ba:bb:fe:84:24:0a:64:28:
3f:b4:a0:fb:28:88:41:a5:19:b6:06:4f:2c:52:46:
7e:20:8f:21:ad:1d:9e:cb:5f:79:a4:4e:1e:b8:f1:
b7:9a:d0:15:57:90:6c:d8:71:22:91:5f:e6:ed:12:
33:d7:37:24:4b:ec:d3:ca:bd:e3:77:ce:96:ac:4e:
e0:14:4c:7d:3d:ae:5c:9f:ef:ee:65:5a:e1:fb:c9:
de:80:36:9e:e5:2e:71:04:69:8d:12:52:fe:c7:d3:
5f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:DA:7D:5D:BF:DB:C6:CB:35:B1:B9:EF:2F:CE:49:F4:B0:9E:38:89
X509v3 Authority Key Identifier:
keyid:0D:8C:BE:E5:19:90:F1:E0:5A:9D:1D:C0:C2:F2:F3:A8:A3:47:0C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYy-5RmQ8eBanR3AwvLzqKNHDBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/49p9Xb_bxss1sbnvL85J9LCeOIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/DYy-5RmQ8eBanR3AwvLzqKNHDBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.72.0/24
185.97.179.0/24
IPv6:
2a03:4340::/32
Signature Algorithm: sha256WithRSAEncryption
2a:f3:bb:5f:c9:64:12:1c:19:08:a4:45:31:af:dd:74:0e:3c:
65:b9:44:ad:fa:2b:d4:64:14:66:ea:5e:af:6c:c8:9a:2b:08:
74:d1:2f:48:56:09:0b:d6:81:69:33:b3:35:d8:b0:88:36:b6:
56:0f:5a:01:2d:df:c9:1e:1d:07:92:01:89:55:fb:75:42:57:
3d:08:e6:1d:07:28:0c:1d:f1:0d:48:29:2e:2e:ee:61:16:1a:
0f:35:61:5e:8e:cc:a0:1b:a4:86:a1:cc:2e:f7:0a:c5:4b:e3:
66:66:e3:40:8e:b8:06:a3:ff:b3:1e:47:18:90:55:00:68:91:
d8:c0:54:aa:01:a4:a0:5f:d6:1a:40:b4:8d:b2:f4:6c:d5:e5:
40:0c:bc:a3:a4:3f:67:72:d4:0e:94:c9:c5:3f:0d:c1:ec:f5:
52:be:07:01:c1:49:ac:f8:56:75:43:e6:1f:8a:e4:78:f0:f8:
da:c7:47:a1:19:b6:dd:01:ab:0e:2b:2c:e8:a3:14:19:d6:2c:
31:d4:2f:3c:fd:9a:6c:e7:2f:40:ae:d6:1a:93:ea:62:c2:57:
4c:dc:15:03:24:83:00:e2:f3:ed:8b:21:4a:65:76:b6:6b:5b:
5c:36:c7:53:0f:ad:cb:21:9a:0e:62:8e:e7:68:36:ba:6a:c5:
0e:f7:bd:52
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzCbUqIE1TT5Qtp4IxbK4MeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGNiZWU1MTk5MGYxZTA1YTlkMWRjMGMyZjJmM2E4YTM0
NzBjMTMwHhcNMjQwMTAxMDAyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2RhN2Q1ZGJmZGJjNmNiMzViMWI5ZWYyZmNlNDlmNGIwOWUzODg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoRcItcAEN6sKenIGRkez8491ZsZ
7QoJ3CgRy8A2hYYXQq6751Ddjiw80fFpojyX9N3LMFODP5aol5ke+NFp78qvQAoz
cVB5Q+o5Kl5DmF2umxJiA4NlAA1pucqJeWFHwlQOzIw4uSZCXfnOHom7umMa6IAe
Eq3EzHHmmKHkL0AspIZLe7T1rlSkHlW0f6JoVRJCSiDZjntdFP5durv+hCQKZCg/
tKD7KIhBpRm2Bk8sUkZ+II8hrR2ey195pE4euPG3mtAVV5Bs2HEikV/m7RIz1zck
S+zTyr3jd86WrE7gFEx9Pa5cn+/uZVrh+8negDae5S5xBGmNElL+x9NfQQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOPafV2/28bLNbG57y/OSfSwnjiJMB8GA1UdIwQY
MBaAFA2MvuUZkPHgWp0dwMLy86ijRwwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFl5LTVSbVE4ZUJhblIzQXd2THpxS05IREJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83NjNkOGUtMjA4MS00Y2Y4LWI2NWIt
MWIxZTc4Y2JiYjA5LzEvNDlwOVhiX2J4c3Mxc2Judkw4NUo5TENlT0lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83NjNkOGUtMjA4MS00Y2Y4LWI2NWItMWIxZTc4Y2JiYjA5
LzEvRFl5LTVSbVE4ZUJhblIzQXd2THpxS05IREJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAnWFIAwQA
uWGzMA0EAgACMAcDBQAqA0NAMA0GCSqGSIb3DQEBCwUAA4IBAQAq87tfyWQSHBkI
pEUxr910DjxluUSt+ivUZBRm6l6vbMiaKwh00S9IVgkL1oFpM7M12LCINrZWD1oB
Ld/JHh0HkgGJVft1Qlc9COYdBygMHfENSCkuLu5hFhoPNWFejsygG6SGocwu9wrF
S+NmZuNAjrgGo/+zHkcYkFUAaJHYwFSqAaSgX9YaQLSNsvRs1eVADLyjpD9nctQO
lMnFPw3B7PVSvgcBwUms+FZ1Q+YfiuR48Pjax0ehGbbdAasOKyzooxQZ1iwx1C88
/Zps5y9ArtYak+piwldM3BUDJIMA4vPtiyFKZXa2a1tcNsdTD63LIZoOYo7naDa6
asUO971S
-----END CERTIFICATE-----
Generated at Wed May 29 01:11:20 2024 by rpki-client on console-fra.rpki-client.org